I have similar code working for the x86 section of the registry but have been unable to get the following to work on the x64 section of a Windows 8 registry
if RegExistKey(@REGMACHINE,`SOFTWARE\Macromedia\FlashPlayer`,64) then
Key = RegOpenKeyEx(@REGMACHINE, `SOFTWARE\Macromedia\FlashPlayer`,`FULL`,64,``)
Result = wntOwnerSet("", Key, ``, 400, "S-1-5-32-544", 3)
ret = wntAccessMod("", Key, 400, 3, 0)
RegCloseKey(Key)
RegDeleteKey(@REGMACHINE,`SOFTWARE\Macromedia\FlashPlayer`,64)
endif
It gets to the WntOwnerSet command and carries out the command correctly (Sets the owner) however Windows says the application quit unexpectedly at that point so the other commands fail to complete. Windows gave the following info about the crash:
Problem signature:
Problem Event Name: APPCRASH
Application Name: Adobe_FlashPlayer_11.7.700.169.exe
Application Version: 1.0.0.0
Application Timestamp: 50746b4a
Fault Module Name: wwwnt34i.dll
Fault Module Version: 39022.0.0.1
Fault Module Timestamp: 4e0b5032
Exception Code: c0000005
Exception Offset: 000127b6
OS Version: 6.2.9200.2.0.0.256.4
Locale ID: 1033
Additional Information 1: 3a09
Additional Information 2: 3a0909f3a050df40f4b3bc8ee32ede11
Additional Information 3: dde3
Additional Information 4: dde39a0ae23b224e5ab3d08c72f646fc
This appears to be an access violation however the process is being run as an administrator
Update:
I found that if I changed the FULL registry access to READ on the open command and the WntOwnerSet to not ZAP the DACL it works:
if RegExistKey(@REGMACHINE,`SOFTWARE\Macromedia\FlashPlayer`,64) then
if RegExistKey(@REGMACHINE,`SOFTWARE\Macromedia\FlashPlayer\SafeVersions`,64) then
Key = RegOpenKeyEx(@REGMACHINE, `SOFTWARE\Macromedia\FlashPlayer\SafeVersions`,`READ`,64,``)
Result = wntOwnerSet("", Key, ``, 400, "S-1-5-32-544", 1)
RegCloseKey(Key)
endif
Key = RegOpenKeyEx(@REGMACHINE, `SOFTWARE\Macromedia\FlashPlayer`,`READ`,64,``)
Result = wntOwnerSet("", Key, ``, 400, "S-1-5-32-544", 1)
ret = wntAccessMod("", Key, 400, 3, 0)
RegCloseKey(Key)
RegDeleteKey(@REGMACHINE,`SOFTWARE\Macromedia\FlashPlayer`,64)
endif
On Windows 8, If you want to set the group ownership of an object using a SID string in place of an account name, flags = 17 and 'account-name' contains the SID string value.
Maybe try this instead:
Result = wntOwnerSet("", Key, "", 400, "S-1-5-32-544", 17)